I've posted the required logs in the proper section and am desperately waiting for help, but searching around I'm unable to find answers to the questions I have here.
first, upon discovery that I had a virus, spybot was the program to discover it, the computer wouldn't boot into normal mode, I can only run in safe mode. When I "cleaned" the virus with spybot, my computer booted into normal mode for about 10 mins and then crashed, and failed to boot normally again, resulting in me being forced to use safe mode again.
What happened that the virus was able to reinfect my windows install after being "removed"??
One of the first things I tried before I knew I had a virus, was to pop in a new 80GB HD, NO PARTITIONS. I did have my other 4 HD's plugged in at the time. as soon as I booted up the computer, I received a warning about the boot sector was going to be modified...... stupidly I allowed this as I assumed it was part of the PE CD I was going to use to prepare the new HD.
I partitioned the drive and tried to install windows. upon reaching "Installing Devices" the install would crash after loading my keyboard and mouse, the same point at which windows would crash when trying to boot into normal mode.
on a new clean install, how is this virus being loaded by the windows installer, when it obviously isn't part of windows?
I unplugged ALL hard drives, and used ONLY a PE CD (MiniPE), with absolutly no hard drives plugged in, MiniPE would get to its loading/splash screen, load my keyboard and mouse, and then crash.
How is this virus able to prevent Pre-installation Environment CD with no hard drives connected from loading, in the same fashion as my infected windows install?
I put the NEW HD back in as the ONLY hard drive, used Win98 bootdisk, and did an FDISK on this new drive to delete the partitions. IMMEDIATELY I got the warning again about the boot sector being modified. I disallowed it this time. THERE ARE NO PARTITIONS ON THE DRIVE AT THIS POINT. so I boot up the computer to install windows and re-partition the drive HOWEVER, instead of getting an error about not having a boot drive, or the drive not having partitions, THE HALF FINISHED WINDOWS INSTALL CONTINUED....
How could the windows install try and continue when there are no partitions on the new hard drive? continuing from "installing Devices" and crashing again after loading my mouse and keyboard??
Long story short, does this virus infect the BIOS??? I realize it has created a device in device manager, which I thought I had removed before posting my logs here, but obviously it's still around.
Where the heck is this virus hiding that it is able to wreak such havoc and even prevent me from installing windows on a new drive, or preventing MiniPE from loading with no hard drives connected?
I have done nothing since I've posted logs here, but I REALLY would appreciate any helpful answers to these questions that anyone could give me.
everything I have seen with this virus, goes against everything I've personally experienced with computers for the past 15 years... I have NEVER encountered anything like this.
Edited by BigJohnny, 26 August 2009 - 07:06 PM.